search

code-423n4 / 2023-01-astaria-findings

5 stars 2 forks source link

Native (ETH) tokens sent to the AstariaRouter contract will be locked forever #117

Open code423n4 opened 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-01-astaria/blob/1bfc58b42109b839528ab1c21dc9803d663df898/src/AstariaRouter.sol#L155

Vulnerability details

Impact

Detailed description of the impact of this finding. There are several functions in AstariaRouter.sol that have the modifier payable. If a user sends native tokens (ETH) to the contract, then they will be locked in the contract forever since there is no function to withdraw such native tokens.

Proof of Concept

Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. There are several functions in AstariaRouter.sol that have the modifier payable. If a user sends native tokens (ETH) to the contract, then they will be lost forever since there is no function to withdraw such native tokens. These functions include:

  1. mint()
  2. deposit()
  3. withdraw() 4 redeem()
  4. pullToken()

Tools Used

Remix

Recommended Mitigation Steps

Remove the modifier payable from these functions so that one can never send native tokens (ETH) to the contract.

Picodes commented 1 year ago

Downgrading to QA as it'd be a user mistake, similar to sending an ERC20 to a contract

c4-judge commented 1 year ago

Duplicate of https://github.com/code-423n4/2023-01-astaria-findings/issues/65